CISA KEV Update Part 1 – May 2023

The U.S. CISA has added seven new Linux-related vulnerabilities to its catalog and warned that they’re being actively exploited.

The vulnerabilities are described as frequent attack vectors for malicious cyber actors and pose significant risks to federal enterprises. Although the vulnerabilities listed are new to CISA’s database, most of the vulnerabilities are old, with one dating back to 2010.

The vulnerabilities were added to CISA’s Known Exploited Vulnerabilities catalog, a list of known Common Vulnerabilities and Exposure that carry significant risk to federal enterprises. CISA strongly urged all organizations to reduce their exposure to cyberattacks by prioritizing timely remediation of vulnerabilities in the catalog.

The vulnerabilities include

1. CVE-2023-25717, a multiple Ruckus Wireless Products cross-site forgery request and remote code execution vulnerability.
2. CVE-2021-3560,  a Red Hat Polkit incorrect authorization vulnerability.
3. CVE-2014-0196, a Linux Kernel race condition vulnerability.
4. CVE-2010-3904, a Linux Kernel improper input validation vulnerability.
5. CVE-2015-5317, a Jenkins user interface information disclosure vulnerability.
6. CVE-2016-3427, an Oracle Java SE and JRockit unspecified vulnerability.
7. CVE-2016-8735, an Apache Tomcat RCE vulnerability.

CISA has given a timeline as June 2^nd, 2023, as remediation sue date for Government agencies.